jenkins-plugin-workflow-cps: Sandbox bypass in Pipeline: Groovy Plugin (SECURITY-1336(2))

A flaw was found in the Jenkins Workflow CPS plugin. Parsing, compilation, and script instantiations provided by a crafted Groovy script could escape the sandbox allowing users to execute arbitrary code on the Jenkins master. The highest risk from this vulnerability is to data confidentiality and...

jenkins-plugin-script-security: sandbox bypass in script security plugin

A flaw was found in the Jenkins Script Security plugin version 1.53. An attacker with Overall/Read permissions is able to escape the sandbox and execute arbitrary code on the Jenkins master JVM. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVE-2019-1003041

A flaw was found in the Jenkins Workflow CPS plugin. Groovy Plugins could be circumvented through methods supporting type casts and type coercion allowing attackers to invoke constructors for arbitrary types. The highest threat from this vulnerability is to data confidentiality and integrity as...

CVE-2019-1003040

A flaw was found in the Jenkins Script Security plugin. Groovy Plugins could be circumvented through methods supporting type casts and type coercion allowing attackers to invoke constructors for arbitrary types. The highest threat from this vulnerability is to data confidentiality and integrity a...

CVE-2019-1003034

A flaw was found in the Jenkins Job DSL plugin. Parsing, compilation, and script instantiations provided by a crafted Groovy script could escape the sandbox allowing users to execute arbitrary code on the Jenkins master. The highest risk from this vulnerability is to data confidentiality and...

CVE-2019-1003031

A flaw was found in the Jenkins Matrix Project plugin version 1.13. An attacker with Job/Configure permission can bypass the sandbox and can execute arbitrary code on the Jenkins master JVM. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVE-2019-1003029

A flaw was found in the Jenkins Script Security plugin version 1.53. An attacker with Overall/Read permissions is able to escape the sandbox and execute arbitrary code on the Jenkins master JVM. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

dotnet: NuGet Tampering Vulnerability

A flaw was found in dotnet. A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. The highest threat from this vulnerability is to data...

CVE-2018-12180

A flaw was found in edk2. When registering a RAM disk whose size is not a multiple of 512 bytes, the BlockIo protocol produced by the RamDiskDxe driver will incur memory read/write overrun. The memory overrun will happen when reading/writing the last block on the RAM disk. The highest threat from...

KLA11494 DOS vulnerability in Apache Tomcat

Incorrect requests handling int Apache HTTP/2. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Apache Tomcat 8.x Security Vulnerabilities Related products Apache-Tomcat CVE list CVE-2019-0199 warning Solution Update to the latest version Download...

CVE-2018-20749

A flaw was found in libvncserver. An incomplete fix for CVE-2018-15127 leaves open an out-of-bounds write vulnerability in code for the file transfer extension. This vulnerability can be remotely exploited. The highest threat from this vulnerability is to data confidentiality and integrity as wel...

CVE-2018-20750

A flaw was found in libvncserver. An incomplete fix for CVE-2018-15127 leaves open an out-of-bounds write vulnerability in code for the file transfer extension. This vulnerability can be remotely exploited. The highest threat from this vulnerability is to data confidentiality and integrity as wel...

CVE-2018-8788

A flaw was found in freerdp in versions before 2.0.0-rc4. An out-of-bounds write of up to 4 bytes in the nscrledecode function results in a memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVE-2018-8786

A flaw was found in freerdp in versions prior to version 2.0.0-rc4. An integer truncation that leads to a heap-based buffer overflow in the updatereadbitmapupdate function results in a memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well a...

CVE-2018-8787

A flaw was found in freerdp in versions before versions 2.0.0-rc4. An integer overflow that leads to a heap-based buffer overflow in the gdiBitmapDecompress function leads to memory corruption. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVE-2019-1003001

A flaw was found in Jenkins Pipeline. In the Declarative plugin, the script sandbox protection could be circumvented during the script compilation phase by applying AST. Both the pipeline validation REST APIs and the actual script/pipeline execution are affected. This allows users with Overall/Re...

CVE-2019-1003000

A flaw was found in Jenkins Pipeline. The Script Security sandbox protection could be circumvented during the script compilation phase by applying AST, transforming annotations such as @Grab to source code elements. Both the pipeline validation REST APIs and actual script/pipeline execution are...

The vulnerability of the ALSA driver /dev/snd/seq in Linux operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the ALSA driver /dev/snd/seq in Linux operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target

A flaw was found in the ISCSI target code in the Linux kernel. The flaw allows an unauthenticated, remote attacker to cause a stack buffer overflow of 17 bytes of the stack. Depending on how the kernel was compiled e.g. compiler, compile flags, and hardware architecture, the attack may lead to a...

Philips iSite/IntelliSpace PACS Vulnerabilities (Update A)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Philips Equipment: iSite and IntelliSpace PACS Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Code/Source Code...